kumquat-buildroot/docs/manual/legal-notice.txt

123 lines
6.0 KiB
Plaintext
Raw Normal View History

// -*- mode:doc; -*-
// vim: set syntax=asciidoc:
[[legal-info]]
== Legal notice and licensing
=== Complying with open source licenses
All of the end products of Buildroot (toolchain, root filesystem, kernel,
bootloaders) contain open source software, released under various licenses.
Using open source software gives you the freedom to build rich embedded
systems, choosing from a wide range of packages, but also imposes some
obligations that you must know and honour.
Some licenses require you to publish the license text in the documentation of
your product. Others require you to redistribute the source code of the
software to those that receive your product.
The exact requirements of each license are documented in each package, and
it is your responsibility (or that of your legal office) to comply with those
requirements.
To make this easier for you, Buildroot can collect for you some material you
will probably need. To produce this material, after you have configured
Buildroot with +make menuconfig+, +make xconfig+ or +make gconfig+, run:
--------------------
make legal-info
--------------------
Buildroot will collect legally-relevant material in your output directory,
under the +legal-info/+ subdirectory.
There you will find:
* A +README+ file, that summarizes the produced material and contains warnings
about material that Buildroot could not produce.
* +buildroot.config+: this is the Buildroot configuration file that is usually
produced with +make menuconfig+, and which is necessary to reproduce the
build.
* The source code for all packages; this is saved in the +sources/+ and
+host-sources/+ subdirectories for target and host packages respectively.
The source code for packages that set +<PKG>_REDISTRIBUTE = NO+ will not be
saved.
Patches that were applied are also saved, along with a file named +series+
that lists the patches in the order they were applied. Patches are under the
same license as the files that they modify.
Note: Buildroot applies additional patches to Libtool scripts of
autotools-based packages. These patches can be found under
+support/libtool+ in the Buildroot source and, due to technical
limitations, are not saved with the package sources. You may need to
collect them manually.
* A manifest file (one for host and one for target packages) listing the
configured packages, their version, license and related information.
Some of this information might not be defined in Buildroot; such items are
marked as "unknown".
* The license texts of all packages, in the +licenses/+ and +host-licenses/+
subdirectories for target and host packages respectively.
If the license file(s) are not defined in Buildroot, the file is not produced
and a warning in the +README+ indicates this.
Please note that the aim of the +legal-info+ feature of Buildroot is to
produce all the material that is somehow relevant for legal compliance with the
package licenses. Buildroot does not try to produce the exact material that
you must somehow make public. Certainly, more material is produced than is
needed for a strict legal compliance. For example, it produces the source code
for packages released under BSD-like licenses, that you are not required to
redistribute in source form.
Moreover, due to technical limitations, Buildroot does not produce some
material that you will or may need, such as the toolchain source code for
some of the external toolchains and the Buildroot source code itself.
When you run +make legal-info+, Buildroot produces warnings in the +README+
file to inform you of relevant material that could not be saved.
Finally, keep in mind that the output of +make legal-info+ is based on
declarative statements in each of the packages recipes. The Buildroot
developers try to do their best to keep those declarative statements as
accurate as possible, to the best of their knowledge. However, it is very
well possible that those declarative statements are not all fully accurate
nor exhaustive. You (or your legal department) _have_ to check the output
of +make legal-info+ before using it as your own compliance delivery. See
the _NO WARRANTY_ clauses (clauses 11 and 12) in the +COPYING+ file at the
root of the Buildroot distribution.
[[legal-info-buildroot]]
=== Complying with the Buildroot license
Buildroot itself is an open source software, released under the
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU General
Public License, version 2] or (at your option) any later version, with
the exception of the package patches detailed below.
However, being a build system, it is not normally part of the end product:
if you develop the root filesystem, kernel, bootloader or toolchain for a
device, the code of Buildroot is only present on the development machine, not
in the device storage.
Nevertheless, the general view of the Buildroot developers is that you should
release the Buildroot source code along with the source code of other packages
when releasing a product that contains GPL-licensed software.
This is because the
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU GPL]
defines the "'complete source code'" for an executable work as "'all the
source code for all modules it contains, plus any associated interface
definition files, plus the scripts used to control compilation and installation
of the executable'".
Buildroot is part of the 'scripts used to control compilation and
installation of the executable', and as such it is considered part of the
material that must be redistributed.
Keep in mind that this is only the Buildroot developers' opinion, and you
should consult your legal department or lawyer in case of any doubt.
==== Patches to packages
Buildroot also bundles patch files, which are applied to the sources
of the various packages. Those patches are not covered by the license
of Buildroot. Instead, they are covered by the license of the software
to which the patches are applied. When said software is available
under multiple licenses, the Buildroot patches are only provided under
the publicly accessible licenses.
See xref:patch-policy[] for the technical details.